Dude, Where's My Blog?

Larry Bonewend's impressive entry in the Green Screen Challenge really ought to be included here, for obvious reasons:



Thanks, Larry. That is exactly what it was like.

(And Hollywood executives looking for next year's christmas smash hit - for a yuletide tale that involves the cool of computers, the romance of hacking, and the excitement of blogging - CALL ME. This thing has "hit" written all over it.)

Blogger restores my blogs

Good news!

Overnight AnonymousLefty and BoltWatch have been unceremoniously taken from the hacker, returned to me, and are now restored. Entirely.

It took Blogspot six days. But when it got around to my email, it didn't mess around. It simply fixed the problem. So, bravo.

Please update your links again (yes, again, I'm sorry about all this).

I still don't know who the hacker was, and I'm not sure if I'll take the matter to the police (I strongly suspect that their attitude will be, "uh, you had your blog stolen? Hold on while I type this into my invisible typewriter!"). But in the meantime, everything's back to normal. Yes, a few comment threads from the last week will be orphaned from the original posts - and yes, a few kindly bloggers who've quickly updated their links will be irritated at changing them back. But hopefully that's the entirety of the impact.

It's just nice to be back.

Password Security - Blogspot has none

Go into any competently run password protected computer service and enter a wrong password three or so times. What does the service do? It locks you out for an hour or so and sends you an email letting you know that someone has tried unsuccessfully to log into your account a few times. This (a) slows hackers down and (b) gives you warning that you're being attacked.

What does Blogspot do? Try it. Nothing.

So, I have a very simple theory on how I was hacked: someone ran a brute force password hacking tool through some kind of web script on my login until eventually it hit on the right one.

Which means it could happen to ANYONE using blogspot, no matter how strong their password. It's just a matter of time and will. If you keep quiet and don't piss off any psychos, you're probably okay. If you do... well. We've seen what happens.

I know BlogSpot is a free service. But this fundamental hole makes it effectively unusable. How can anyone spend time creating, developing, working on a blog if they know that at any time it could be hacked by some antisocial reject with a password cracking program and deleted? Offering a service for free doesn't absolve you of responsibility for running it properly.

(And to those unsympathetic spirits who keep blaming me for the whole thing, on the bases of "your password must not have been strong enough", "you're a whiner/apologist for Islamofascists/dickhead and therefore deserve it", or thinks this is some kind of brilliant publicity stunt (yes, see how my technorati rating has grown since losing AL) - I still hope it doesn't happen to you. But it would be ironic if it did.)

PS Five days and counting. Still no response from Blogspot.

3 days and counting

Three days and no response from Blogger/Blogspot.

Bit of a worry for everyone with a blogspot blog, I'd have thought. Any problems with your blog over the CHristmas period and, well, you're on your own...

Meanwhile, please do everyone update your AL and BL links to the "in exile" sites. At least then people wondering what happened, and not having seen any other blog stories explaining where I am, will be able to find me and discover that no, I haven't suddenly completely switched personalities (and become slightly illiterate) after all.

Let's have a little poll. When do YOU think Blogspot will get around to responding to my "URGENT - I'VE BEEN HACKED" query from December 24? (December 23 in the US.) I'll start - I'm guessing 20th February, 2008. Anyone more optimistic than me?

In exile

Since I refuse to be bullied into shutting up (even if it's the holidays and there's not actually a huge amount happening anyway), and since I don't want to spend the next few weeks sidetracked into blogging solely on the soon-to-be-somewhat-tedious issue of a pathetic lowlife stealing my blogs, AnonymousLefty and BoltWatch have recommenced here and here.

Please update your links.

(HackedLefty will continue be updated with news regarding the struggle to regain my original blogs, and to let people know what's happened.)

Is he still on about that?

No response from Blogspot yet. (Bad time of year for this to have happened, obviously.)

I'll let you know when I regain my blogs or move elsewhere. Unless the hacker manages to delete this blog too, of course. I still don't know how s/he managed to figure out my password, which was reasonably complicated. And since I don't know how it happened last time, I'm now completely paranoid that it could happen again.

It's somewhat unnerving.

Anyway. Happy Christmas! May you have a lovely day with your family. (And not come home to find your blog stolen by a psycho dingbat.)

A lovely christmas present

My blog, AnonymousLefty, has been hacked, deleted, and the URL stolen. Likewise BoltWatch.

This is what happened.

For the past month or so there has been a creepy stalking troll following me around the internet, trying to take my identity. It's been posting obnoxious comments on other people's blogs using my pseudonym and the blackadder image.

The loathsome creature even started a blogspot blog at anonymouslefty2.blogspot.com on which s/he reposted my posts, slightly altered.

And this morning, somehow, the bastard hacked into my blogspot account and deleted all my blogs.

They then went and registered them under their alternate "MrLefty" identity. God knows what the thief is going to do with my sites, but it can't be good.

So - BoltWatch is now under the thief's control. So is AnonymousLefty. Efforts are being made to regain the blogs, but in the meantime, this is the notice:

ANYTHING ON ANONYMOUSLEFTY AND BOLTWATCH IS BY THE THIEF, NOT ME.

I presume that anyone who's got a blog of their own and has spent time building the thing, writing posts, conversing with readers will have some idea of how unbelievably infuriating and upsetting this incident is.

Whoever this person is, he or she is scum. I hope blogspot takes this blatant violation of their terms of service seriously. But even if it doesn't, surely this is the sort of thing at which all bloggers, and indeed anyone who reads blogs, can only be outraged. I wouldn't wish this on my worst enemy.

In the meantime, I ask you to consider:

• Letting your readers know what's happened to me (if nothing else, it's a good warning for everyone with a blog to make sure their password is REALLY uncrackable, and that they've got a back up of their posts); and/or
  
• perhaps editorialising/letting blogspot know what you think about a system that enables a hacker to delete blogs without it going through the user's email first, and that lets a deleted blog URL be immediately re-registered by someone else. How secure does this make you feel?

Thanks everyone. And have a happy christmas.

UPDATE:
Oh, and in case anyone was wondering if this really is me, MrLefty, there's a fairly easy way to prove it:


People stealing other people's blogs makes me angry. Particularly if it involves DELETING PHOTOGRAPHS OF ME.

The fake, thieving "MrLefty" temporarily enjoying my old AnonymousLefty URL will almost certainly not be inflicting new photographs of Polly on his/MY unsuspecting readers.

He's still a bad man, though.

UPDATE #2:
Whilst suggesting that I'm faking this whole thing for publicity (so like me), a commenter at Blair's has pointed out something interesting: I do seem to be prone to this sort of thing, at this time of year. Let's see:

• Christmas 2004: Melbourne Lefty blog exposed to my then employer, deleted, and then hijacked by some nefarious fellow with a business selling chemical cures for impotence. (Whereas under me the blog had just caused impotence.)
  
• Christmas 2005: Having pieced together a reasonable guess at my identity from the revelation that my name was Jeremy and that I'd just gone to the Victorian Bar, certain (then ironically anonymous themselves) bloggers launch a campaign to publicise my full name far and wide, whether I want to use a pseudonym or not.
  
• Christmas 2006: Having spent the previous month pretending to be me around the internet, my new stalker deletes my blogs and steals the URLs.

Gosh! I can't wait to discover what they've got in store for me for Christmas 2007!

By the way, I'm more than happy for friendly bloggers to start referring to me with my real name, Jeremy Sear. At present it's only those who detest me who use it, whilst decent friendly types respect my use of a pseudonym. Unfortunately this has the effect that if you google "Jeremy Sear", all that comes up are attacks on me, rather than the more balanced list of references which you'd get if you googled "AnonymousLefty" or "MrLefty". So, please feel free to use my real name.

They are, anyway.

UPDATE #3:
So many theories about what's going on! Over at Blair's they're just flying. Daniel San thinks I've done it to draw attention to myself. Grimmy thinks I've earned it by being a filthy lefty. Charlie Woodscolt thinks I'm trying to bury my tracks for a possible tilt at public office (which makes continuing the blog over here and using my real name a bit daft, but no-one ever said we lefties were sensible).

With such great minds on the case, I'm sure we'll figure out soon what's really going on.

UPDATE #4:
A blogger whose name coincidentally rhymes with "slanderyou" has asked me not to suspect that the hacker is someone affiliated with him. Because this blogger is such a paragon of ethical behaviour, and because I found his clever photoshopping effort of last week inspiring (he photoshopped my head onto the patrons at a brothel! What a genius!), and because frankly the idea of hearing from him again makes the bile churn in my stomach, I've removed the remark. Hopefully he'll be able to enjoy his Christmas now.

UPDATE #5:
Both AnonymousLefty and BoltWatch are back, at new URLs (AnonymousLefty (In Exile) and BoltWatch (In Exile)), while I wait for Blogspot to get around to restoring the original sites. Please update your links.